CRITICAL🇵🇱 Wersja polska

CVE-2025-34217

CVSS 10.0v4.0pub. 2025-09-30upd. 2025-10-07

Vasion Print (formerly PrinterLogic) Virtual Appliance Host and Application (VA/SaaS deployments) contain an undocumented 'printerlogic' user with a hardcoded SSH public key in '~/.ssh/authorized_keys' and a sudoers rule granting the printerlogic_ssh group 'NOPASSWD: ALL'. Possession of the matching private key gives an attacker root access to the appliance.

🤖 AI Analysis
How it works

In the Virtual Appliance system, there exists a hidden user 'printerlogic' whose '~/.ssh/authorized_keys' file contains a predefined (hardcoded) SSH public key — the corresponding private key is known or can be obtained by an attacker. At the same time, the 'printerlogic_ssh' group has an entry in the sudoers configuration with the NOPASSWD: ALL option, meaning any command can be executed as root without password entry. An attacker connects remotely via SSH, authenticating with the possessed private key, and immediately escalates privileges to root level.

Impact

An attacker gains full control over the Virtual Appliance device with root privileges — can read, modify and delete data, install malicious software, take control of print services, and potentially use the device as a pivot point for further lateral movement in the network.

Mitigation & patch

Patches available from the vendor must be applied according to the references (https://help.printerlogic.com/saas/Print/Security/Security-Bulletins.htm and https://help.printerlogic.com/va/Print/Security/Security-Bulletins.htm). Until updates are applied, it is recommended to restrict SSH access to the appliance only to trusted IP addresses at the firewall level and monitor login attempts to the 'printerlogic' account.

Who is affected

Vasion Print (formerly PrinterLogic) Virtual Appliance Application and Virtual Appliance Host (VA/SaaS deployments); specific versions indicated in vendor references

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Vasion Virtual Appliance Application

    APP
    Vasion
    wszystkie wersje
  • Vasion Virtual Appliance Host

    APP
    Vasion
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-34210CRITICAL9.4PL ✓ten sam produkt

Vasion Print Virtual Appliance — hasła w plikach plaintext dostępnych dla wszystkich

CVE-2025-34211CRITICAL9.3PL ✓ten sam produkt

Vasion Print: hardcoded klucz prywatny SSL we wszystkich instancjach

CVE-2025-34196CRITICAL9.3PL ✓ten sam produkt

Vasion Print: hardcoded klucz prywatny CA i hasło w plikach konfiguracyjnych

CVE-2025-34209CRITICAL9.4PL ✓ten sam produkt

Hardcoded klucz prywatny GPG w Vasion Print Virtual Appliance

CVE-2025-34215CRITICAL9.4PL ✓ten sam produkt

Vasion Print Virtual Appliance — nieautoryzowane RCE przez firmware-upload